You are viewing a single comment's thread from:

RE: What is the difference between a password and a private key(s) on Steemit and how to make your account more secure, by using them correctly.

in #security7 years ago

It is secure, but when you interacting with a browser, you can paste you password in the wrong field, because you can forget that you have it in the clipboard. So this is about minimizing a possibility of making human error factor.

7 years ago in #security by
$0.00
    Reply 11
    Sort:  
  • Trending
    • [-]
     7 years ago  

    every time I use any kind of password, I go back after and copy random little text, just to make sure.... (it's my little don't go insane habit) :)

    $0.56
    • Past Payouts $0.56
    • - Author $0.55
    • - Curators $0.01
    2 votes
    Reply
    [-]
     7 years ago  

    very good habit :)

    $0.00
      Reply
      [-]
       7 years ago  

      does steemit save our keys on a server?

      $0.00
        Reply
        [-]
         7 years ago  

        nope. All keys are saved in a browser in your localstorage. As you can see in the end of you my article, I am going to write a detail post about exactly this topic :) Stay tuned :)

        [-]
         7 years ago  

        ok i will wait patiently for it. This is the exact thing i want to understand. thank you

        $0.00
          Reply
          [-]
           7 years ago  

          This is the beauty of public and private key encryption. Any system can validate your signed messages using your public key (i.e. ensuring you used the correct private key), but they don't ever have to have access to your private key to do so. That's why if you lose your private keys, they are lost forever. No one has a backup but you. :)

          $0.00
            Reply
            [-]
             7 years ago  

            yes, but how does the private key get sent to steemit, after you input it into the box? This is the part i still don't understand....where does that private key go? To what area inside of the steemit website?

            $0.00
              Reply
              [-]
               7 years ago  

              As far as I understand (I may be wrong), it doesn't get sent to Steemit. JavaScript in the browser uses what you input there, runs the appropriate signing algorithm to create signed content and then sends that signed content to Steemit. Steemit then uses the public key to validate the signature. If you're familiar with public and private key encryption and signing / validating signatures, this makes a lot more sense. PGP is a great example and I've used that for a long time so it's familiar to me. I hope that helps. Thanks for asking these questions!

              $2.29
              • Past Payouts $2.29
              • - Author $2.24
              • - Curators $0.05
              1 vote
              Reply
              [-]
               7 years ago  

              JavaScript in the browser uses what you input there, runs the appropriate signing algorithm to create signed content

              yes, this is the specific information I was seeking. thanks. I'm starting to dig into encryption, and how it works. This is good to know because I was a bit paranoid about our keys....why don't we have 2FA on here?

              $0.00
                Reply
                Load more...